Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1485

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1485
Last Modified 05 Sep 2008 04:41:31
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1485

Summary

Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.

Vulnerable Systems


References

XF - inetutils-tftp-dns-bo(17878)

BID - 11527

BUGTRAQ - 20041026 inetutils tftp client, DNS resolving bofs


Last Updated: 27 May 2016 10:39:03